From 07e5613e67cb817c69e592f118abac1dc97722b0 Mon Sep 17 00:00:00 2001
From: ag <ag@wiseadvice.eu>
Date: Tue, 6 Feb 2024 12:12:16 +0100
Subject: [PATCH] commit by to_remotes 2024-02-06 12:12:16 +0100 from vmdevac

---
 bundle-audit-time.txt |  2 +-
 bundle-audit.json     |  2 +-
 report.txt            | 10 +---------
 3 files changed, 3 insertions(+), 11 deletions(-)

diff --git a/bundle-audit-time.txt b/bundle-audit-time.txt
index e816950..f398bf7 100644
--- a/bundle-audit-time.txt
+++ b/bundle-audit-time.txt
@@ -1 +1 @@
-2024-02-06T12:09:19+01:00
+2024-02-06T12:12:15+01:00
diff --git a/bundle-audit.json b/bundle-audit.json
index a88ba61..528dd57 100644
--- a/bundle-audit.json
+++ b/bundle-audit.json
@@ -1 +1 @@
-{"version":"0.9.1","created_at":"2024-02-06 12:09:18 +0100","results":[{"type":"unpatched_gem","gem":{"name":"nokogiri","version":"1.16.0"},"advisory":{"path":"/home/wiseadvice/.local/share/ruby-advisory-db/gems/nokogiri/GHSA-xc9x-jj77-9p9j.yml","id":"GHSA-xc9x-jj77-9p9j","url":"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xc9x-jj77-9p9j","title":"Improper Handling of Unexpected Data Type in Nokogiri","date":"2024-02-04","description":"### Summary\n\nNokogiri v1.16.2 upgrades the version of its dependency libxml2 to v2.12.5.\n\nlibxml2 v2.12.5 addresses the following vulnerability:\n\nCVE-2024-25062 / https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25062\ndescribed at https://gitlab.gnome.org/GNOME/libxml2/-/issues/604\npatched by https://gitlab.gnome.org/GNOME/libxml2/-/commit/92721970\n\nPlease note that this advisory only applies to the CRuby implementation of\nNokogiri < 1.16.2, and only if the packaged libraries are being used. If\nyou've overridden defaults at installation time to use system libraries\ninstead of packaged libraries, you should instead pay attention to your\ndistro's libxml2 release announcements.\n\n### Severity\n\nThe Nokogiri maintainers have evaluated this as **Moderate**.\n\n### Mitigation\n\nUpgrade to Nokogiri >= 1.16.2.\n\nUsers who are unable to upgrade Nokogiri may also choose a more complicated\nmitigation: compile and link Nokogiri against external libraries libxml2 >=\n2.12.5 which will also address these same issues.\n\nJRuby users are not affected.\n\n### Workarounds\n","cvss_v2":null,"cvss_v3":null,"cve":null,"osvdb":null,"ghsa":"xc9x-jj77-9p9j","unaffected_versions":[],"patched_versions":[">= 1.16.2"],"criticality":null}}]}
\ No newline at end of file
+{"version":"0.9.1","created_at":"2024-02-06 12:12:15 +0100","results":[]}
\ No newline at end of file
diff --git a/report.txt b/report.txt
index 1bcba69..8900c02 100644
--- a/report.txt
+++ b/report.txt
@@ -1,9 +1 @@
-Name: nokogiri
-Version: 1.16.0
-GHSA: GHSA-xc9x-jj77-9p9j
-Criticality: Unknown
-URL: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xc9x-jj77-9p9j
-Title: Improper Handling of Unexpected Data Type in Nokogiri
-Solution: upgrade to '>= 1.16.2'
-
-Vulnerabilities found!
+No vulnerabilities found